BenHur Firewall Source Port 20 ACL Restriction Bypass

medium Nessus Plugin ID 11052

Synopsis

It is possible to bypass the firewall on the remote host.

Description

It is possible to connect to firewall-protected ports on the remote host by setting the source port to 20. An attacker may use this flaw to access services that should not be accessible to outsiders on this host.

Solution

Update to 066 fix 2, or reconfigure your firewall to reject any traffic coming from port 20.

See Also

http://www.nessus.org/u?e608b229

Plugin Details

Severity: Medium

ID: 11052

File Name: benhur_ftp_firewall.nasl

Version: 1.27

Type: remote

Family: Firewalls

Published: 7/22/2002

Updated: 1/16/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2002-2307

Vulnerability Information

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Reference Information

CVE: CVE-2002-2307

BID: 5279